chore: update request object typ

italia · Oct 28, 2024 · 1856661 · 1856661
1 parent da47074
commit 1856661
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/pyeudiw/satosa/default/request_handler.py b/pyeudiw/satosa/default/request_handler.py
@@ -14,6 +14,7 @@
 class RequestHandler(RequestHandlerInterface, BackendDPoP, BackendTrust):
 
     _RESP_CONTENT_TYPE = "application/oauth-authz-req+jwt"
+    _REQUEST_OBJECT_TYP = "oauth-authz-req+jwt"
 
     def request_endpoint(self, context: Context, *args) -> Response:
         self._log_function_debug("response_endpoint", context, "args", args)
@@ -57,7 +58,10 @@ def request_endpoint(self, context: Context, *args) -> Response:
         helper = JWSHelper(self.default_metadata_private_jwk)
         request_object_jwt = helper.sign(
             data,
-            protected={'trust_chain': self.get_backend_trust_chain()}
+            protected={
+                'trust_chain': self.get_backend_trust_chain(),
+                'typ': RequestHandler._REQUEST_OBJECT_TYP
+            }
         )
         return Response(
             message=request_object_jwt,

diff --git a/pyeudiw/tests/satosa/test_backend.py b/pyeudiw/tests/satosa/test_backend.py
@@ -587,6 +587,7 @@ def test_request_endpoint(self, context):
         payload = decode_jwt_payload(request_object_jwt)
         assert header["alg"]
         assert header["kid"]
+        assert header["typ"] == "oauth-authz-req+jwt"
         assert payload["scope"] == " ".join(CONFIG["authorization"]["scopes"])
         assert payload["client_id"] == CONFIG["metadata"]["client_id"]
         assert payload["response_uri"] == CONFIG["metadata"]["response_uris_supported"][0]